Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bi4mto3BSZhfX5oIqNQFNtQRv8Q.roa
File: Bi4mto3BSZhfX5oIqNQFNtQRv8Q.roa (raw, json)
Hash identifier: 8DsAFsRRexhxKBAqQ0lgnbX07revs3tBOmBCQy2bSOg=
Subject key identifier: 06:2E:26:B6:8D:C1:49:98:5F:5F:9A:08:A8:D4:05:36:D4:11:BF:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E3E0A9DAFDE504D98A4BF3BF1FB3ADBC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bi4mto3BSZhfX5oIqNQFNtQRv8Q.roa
Signing time: Fri 11 Aug 2023 09:14:58 +0000
ROA not before: Fri 11 Aug 2023 09:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:e0:a9:da:fd:e5:04:d9:8a:4b:f3:bf:1f:b3:ad:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 09:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=062e26b68dc149985f5f9a08a8d40536d411bfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fa:20:55:b3:07:30:70:8b:ed:a3:1e:2a:2b:
a4:38:d7:b0:1b:85:23:7d:05:c7:66:29:93:2e:73:
29:95:79:b9:e2:fb:eb:3a:20:dd:b9:50:74:7a:8f:
19:2d:68:0c:a4:8f:1a:fd:b7:3b:5c:27:8b:49:b8:
ed:35:86:d4:05:14:34:1b:bd:53:ce:e4:f9:2c:57:
72:d3:af:6f:77:06:dc:7d:2f:e4:45:36:65:e4:bc:
b7:c8:59:06:51:c4:a6:07:55:31:53:e5:ac:21:9f:
be:87:67:7e:57:da:6b:3f:6e:fd:b3:5e:75:cf:01:
8e:1e:cd:eb:d6:40:f5:06:5f:7a:21:c5:5d:bd:16:
f5:02:87:1a:13:45:32:8e:2a:50:41:5d:c7:a2:d8:
9e:ce:e6:f6:a2:8a:0e:79:77:58:ba:8c:94:bf:55:
5a:ab:8c:1c:a4:53:86:75:e2:f2:a9:02:18:9f:12:
61:92:31:6a:52:fc:ae:4c:d5:c8:39:e0:fe:cc:90:
46:4e:79:74:7f:ad:b7:e3:4f:ee:f3:25:d4:25:0f:
01:df:7a:1e:ec:e1:60:19:dc:c3:6e:a6:06:23:d1:
a5:60:c4:3e:f8:bf:ce:cc:30:db:2b:48:d3:df:7b:
82:19:f9:75:80:8c:5a:3b:cc:21:ef:52:f4:61:af:
95:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2E:26:B6:8D:C1:49:98:5F:5F:9A:08:A8:D4:05:36:D4:11:BF:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bi4mto3BSZhfX5oIqNQFNtQRv8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:6d:9a:89:8f:32:0e:9a:a4:5c:76:a7:ce:2f:8c:a5:eb:7f:
f1:22:c5:1b:a0:b7:d2:ec:c0:40:7f:10:2a:94:c5:a8:db:12:
de:ee:05:97:00:24:78:87:54:db:75:ff:3d:6f:84:76:34:b5:
20:66:a6:79:fd:74:46:6e:48:79:39:0b:50:0f:89:a1:1e:bd:
14:40:dc:73:74:a8:8c:aa:c1:02:a3:f3:80:5b:86:b7:35:87:
8f:93:72:3d:77:fe:60:dd:38:b6:47:99:a0:b4:48:3e:02:7b:
2a:09:68:79:3b:4d:b3:09:94:fd:c9:a6:f0:0d:60:32:47:85:
b6:7e:15:2f:78:23:ca:66:15:0e:10:15:26:1c:ca:83:43:74:
89:1e:09:c6:51:5b:b3:7d:ad:04:31:f1:08:57:b4:38:f5:32:
54:c1:63:97:5b:3f:16:ee:3c:dd:6c:45:1b:91:86:25:ef:bd:
f0:87:27:0f:59:c9:ed:d3:8d:10:2c:d2:64:1c:6b:1a:33:cd:
a2:c6:c0:f4:55:2e:27:a8:7a:15:1f:be:d3:05:b2:43:c1:40:
42:82:60:ef:21:df:86:67:b3:ab:d4:32:86:de:f2:02:f8:a4:
0c:59:dc:c7:74:3f:18:e7:bc:fb:76:33:c4:20:9d:98:52:43:
4f:0d:1b:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnj4Kna/eUE2YpL878fs628MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMDkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJlMjZiNjhkYzE0OTk4NWY1ZjlhMDhhOGQ0MDUzNmQ0MTFiZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvogVbMHMHCL7aMeKiukONewG4Uj
fQXHZimTLnMplXm54vvrOiDduVB0eo8ZLWgMpI8a/bc7XCeLSbjtNYbUBRQ0G71T
zuT5LFdy069vdwbcfS/kRTZl5Ly3yFkGUcSmB1UxU+WsIZ++h2d+V9prP279s151
zwGOHs3r1kD1Bl96IcVdvRb1AocaE0UyjipQQV3Hotiezub2oooOeXdYuoyUv1Va
q4wcpFOGdeLyqQIYnxJhkjFqUvyuTNXIOeD+zJBGTnl0f62340/u8yXUJQ8B33oe
7OFgGdzDbqYGI9GlYMQ++L/OzDDbK0jT33uCGfl1gIxaO8wh71L0Ya+VVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAYuJraNwUmYX1+aCKjUBTbUEb/EMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmk0bXRvM0JTWmhmWDVvSXFOUUZOdFFSdjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJtmomPMg6apFx2p84v
jKXrf/EixRugt9LswEB/ECqUxajbEt7uBZcAJHiHVNt1/z1vhHY0tSBmpnn9dEZu
SHk5C1APiaEevRRA3HN0qIyqwQKj84Bbhrc1h4+Tcj13/mDdOLZHmaC0SD4CeyoJ
aHk7TbMJlP3JpvANYDJHhbZ+FS94I8pmFQ4QFSYcyoNDdIkeCcZRW7N9rQQx8QhX
tDj1MlTBY5dbPxbuPN1sRRuRhiXvvfCHJw9Zye3TjRAs0mQcaxozzaLGwPRVLieo
ehUfvtMFskPBQEKCYO8h34Zns6vUMobe8gL4pAxZ3Md0PxjnvPt2M8QgnZhSQ08N
G9c=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:12 2025 by rpki-client